Cisco Talos Blog

November 22, 2021 11:40

Vulnerability Spotlight: Multiple vulnerabilities in Advantech R-SeeNet

Yuri Kramarz discovered these vulnerabilities. Cisco Talos recently discovered multiple vulnerabilities in the Advantech R-SeeNet monitoring software. R-SeeNet is the software system used for monitoring Advantech routers. It continuously collects information from individual rou

November 22, 2021 07:30

Vulnerability Spotlight: PHP deserialize vulnerability in CloudLinux Imunity360 could lead to arbitrary code execution

Marcin “Icewall” Noga of Cisco Talos. Cisco Talos recently discovered a vulnerability in the Ai-Bolit functionality of CloudLinux Inc Imunify360 that could lead to arbitrary code execution. Imunify360 is a security platform for web-hosting servers that allows users to configure

November 17, 2021 15:03

Vulnerability Spotlight: Multiple code execution vulnerabilities in LibreCAD

Lilith >_> of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered three vulnerabilities in LibreCAD’s libdfxfw open-source library. This library reads and writes .dxf and .dwg files — the primary file format for vector graphics in CAD software. Libr

November 17, 2021 14:59

Vulnerability Spotlight: Use-after-free vulnerability in Google Chrome could lead to code execution

Marcin Towalski of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered an exploitable use-after-free vulnerability in Google Chrome. Google Chrome is a cross-platform web browser — and Chromium is the open-source version of the browser that other software

November 15, 2021 14:19

Vulnerability Spotlight: Vulnerabilities in Lantronix PremierWave 2050 could lead to code execution, file deletion

Matt Wiseman discovered these vulnerabilities. Cisco Talos recently discovered multiple vulnerabilities in Lantronix’s PremierWave 2050, an embedded Wi-Fi module. There are several vulnerabilities in PremierWave 2050’s Web Manager, a web-accessible application that allows users

October 18, 2021 15:03

Vulnerability Spotlight: Multiple vulnerabilities in ZTE MF971R LTE router

Cisco Talos recently discovered multiple vulnerabilities in the ZTE MF971R LTE portable router. The MF971R is a portable router with Wi-Fi support and works as an LTE/GSM modem. An attacker could exploit all these vulnerabilities by sending a specially crafted HTTP request to th

October 14, 2021 13:17

Vulnerability Spotlight: Code execution vulnerabilities in Nitro Pro PDF

A Cisco Talos team member discovered these vulnerabilities. Cisco Talos recently discovered multiple vulnerabilities in the Nitro Pro PDF reader that could allow an attacker to execute code in the context of the application. Nitro Pro PDF is part of Nitro Software’s Productivit

October 12, 2021 15:43

Vulnerability Spotlight: Use-after-free vulnerability in Microsoft Excel could lead to code execution

Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered a use-after-free vulnerability in the ConditionalFormatting functionality of Microsoft Office Excel 2019 that could allow an attacker to execute arbitrary code on the victim machi

October 12, 2021 10:48

Vulnerability Spotlight: Vulnerabilities in Anker Eufy Homebase could lead to code execution, buffer overflows

UUpdate (Nov. 29, 2021): Anker patched five other vulnerabilities in this product affecting the same version as originally listed in this blog. These have been added to the post. Lilith >_> of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered two